Fake stories on Czech social media are stealing passwords

Fake news stories have been making the rounds of Facebook users in the Czech Republic and Slovakia, and by trying to read the stories people can become locked out of their own Facebook pages.

The scam works by redirecting the Facebook user to a fraudulent copy of a Facebook page that asks for a user name and password. Attempts to get users to reveal such information are called “phishing.”

The story may appear in a user's timeline as something being recommended by a social media friend.

“If the prospective victim clicks on the link, it does not open the news article but a fake version of the log-in page to Facebook. By entering credentials, the victim unknowingly transmits the information to the attacker and thus loses control over his Facebook account. Meanwhile, the attack spreads further through the compromised profile to new victims,” Pavel Matějíček, manager of technical support at Bratislava-based internet security firm ESET, said in a news release. “The victim fills in the log-in information because he or she believes that this news article is about the great tragedy that has taken place geographically close. Therefore, the attacker preys on not only curiosity but also fear,” Matějíček said.

Several thousand people have fallen victim to the scam, according to ESET. The fake stories have falsely claimed that a terrorist attack has taken place in a major Czech or Slovak city or that a notable politician has died suddenly. Internet users who may normally be cautious will be enticed by the urgent nature of the story and forget about basic internet safety.

A similar scam has been using the comment section on fake social media posts to try to entice people into joining user groups. The page for the user group is another fake that asks for log-in information.

“People should be wary whenever a social network such as Facebook, Twitter or Instagram requires them to log in, even if the page looks authentic. In this case, the victims just need to check the web address of the page itself, which should contain the name of Facebook or another social network,” Matějíček said, adding that the fake pages do not have authentic-looking URLs, or web addresses.

Some web browsers try to protect users from scams such as this one by highlighting the main domain name in the address line, but users still have to look for themselves. Some anti-virus and anti-malware software will protect people from going to known websites that are collecting information fraudulently or contain other hazards. But the pages often pop up faster than they can be blocked, so web users should use caution and common sense even if their anti-virus protection is up to date. Some web browsers and software firms also sometimes offer the option of using a secure server that is supposed to block traffic from hazardous sites.
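The address check described above can be done by comparing the page's main domain instead of scanning the address for a familiar name. The following is an added example, not code from ESET or the original article; the allowlist, the function name `checkLoginUrl` and all sample URLs are constructed assumptions.

```javascript
// Added example: the allowlist and every URL below are constructed for illustration.
const EXPECTED_DOMAINS = ["facebook.com"]; // assumption: the domain the user expects to log in on

// Decide whether a log-in page's address belongs to an expected main domain.
function checkLoginUrl(rawUrl, expectedDomains = EXPECTED_DOMAINS) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { ok: false, reason: "unparseable address" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // Text before an "@" is userinfo, not the host; the real host follows the "@".
  if (url.username || url.password) {
    return { ok: false, reason: "userinfo before host" };
  }
  // Normalize case and drop a trailing root dot before comparing.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  // Match the whole domain or a dot-separated subdomain, never a substring.
  const match = expectedDomains.find((d) => host === d || host.endsWith("." + d));
  if (match) {
    return { ok: true, reason: "main domain is " + match };
  }
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "punycode (internationalized) host" };
  }
  const brandSeen = expectedDomains.some((d) => host.includes(d.split(".")[0]));
  return {
    ok: false,
    reason: brandSeen ? "brand name present, main domain differs" : "unexpected domain",
  };
}

// Constructed sample addresses; the non-matching ones use reserved ".example" names.
const SAMPLE_URLS = [
  "https://www.facebook.com/login.php",
  "https://facebook.com.account-check.example/login",
  "https://facebook.com@news-story.example/login",
  "http://www.facebook.com/login.php",
];

for (const u of SAMPLE_URLS) {
  const verdict = checkLoginUrl(u);
  console.log((verdict.ok ? "OK      " : "REJECT  ") + u + "  (" + verdict.reason + ")");
}
```

The second and third samples both show the familiar name in the address, yet the host that actually receives the password is a different domain.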

Central Europe is a hub for anti-virus and security software. Aside from ESET, there is Avast, which is based in Prague, and AVG in Brno. AVG was recently acquired by Avast for $1.3 billion. Germany is home to Avira Operations, a family-owned firm. Other security firms in Europe include UK-based Sophos and Comodo Group.

Security firms themselves are not immune from phishing attempts. Avast reported in June that a fraudulent e-mail using Avast logos was asking people to go to a fake site for a free virus scan. Eventually the user is asked for passwords for his or her e-mail service.

Avast offers a list of security tips in its warning over that e-mail scam, which can be read here: blog.avast.com